toggle

AAPL Stock: 101.31 ( + 1.2 )

Printed from http://www.macnn.com

Bug in iOS 5.0.1 allows bypassing of lock screen

updated 12:30 am EST, Thu February 23, 2012

Sim card 'confusion' access phone, contacts

A flaw demonstrated in a YouTube video (seen below) demonstrates a difficult-to-access but reproducible bug in iOS 5.0.1 that can allow unauthorized users to bypass a lock screen on GSM-based iPhones and access recent contacts, make calls or even use FaceTime, iPhoneIslam reports. The hack revolves around trying to return a missed call while the sim card is taken out and re-inserted repeatedly (or in an area with no network coverage).

After multiple tries at returning a missed call without network coverage or the SIM, the iPhone will unlock itself to the phone application (and the SIM can be re-inserted or the phone taken to a location with network coverage). Once in the phone app, users can make phone calls, call anyone on the contact list, and make FaceTime calls. It's not known if the bug can be reproduced on non-GSM iPhones.

A similar bug was discovered in iOS 4, and the effect of the hack is reminiscent of the "smart cover" bug that bypassed iPad lock screens. Another bug in iOS 5 makes it possible for unauthorized users to access the camera roll, but again was difficult to access as it required the authorized user to deliberately reset the clock in the iPhone back in time, thus making photos that were taken "in the future" accessible via the lock screen's camera button.

Because of the difficulty in making the 'phone confusion' trick work in the first place, coupled with the unlikely circumstances of allowing others to have the time and knowledge to reproduce the hack, the problem can't be seen as a significant security threat, even if an iPhone is stolen. Users can remotely wipe a stolen iPhone if someone attempts to use it.

As the bug has been recently discovered, it's not known if Apple was already aware of it or if it is planning to fix the admittedly-rare issue in iOS 5.1, which is currently undergoing developer testing. [via iPhoneIslam]





by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

  1. Arne_Saknussemm

    Joined: Dec 1969

    -5

    And you wonder why...

    The air force refrained from getting iStuff!

  1. DaJoNel

    Joined: Dec 1969

    +2

    And we wonder why...

    You bother to open your mouth.

  1. ferdchet

    Joined: Dec 1969

    +2

    I did?

    I wondered that? Really? Because what - Android is more secure? Was that your point, Arne? Somehow, I'm not seeing it. Android, which you can get malware from their marketplace? That Android? The same Android that the former CTO of the DIA said that DoD shouldn't use due to "serious security issues" and "should be excluded from government use"?

    Maybe I'm laying it on too thick. You tell me.

  1. testudo

    Joined: Dec 1969

    0

    Re: I did?

    Android, which you can get malware from their marketplace? That Android?

    Except the gov't wouldn't be getting their apps from the marketplace, would they? And iOS has its share of malware too. They just don't call it malware. They call it "apps which do things which they should have gotten permission to do first, but didn't".

    The same Android that the former CTO of the DIA said that DoD shouldn't use due to "serious security issues" and "should be excluded from government use"?

    Well, if the former CTO (wait, why is he the 'former' CTO?) said that, it must be true. Because we know CTOs know everything about everything when it comes to technology. Unless one says they're switching to WIndows instead of Macs, or anything else that isn't 100% pro apple. Then we just assume they were bribed by someone, or they're just idiots who haven't a clue and making decisions by throwing darts at a board.

  1. Flying Meat

    Joined: Dec 1969

    +1

    And, you must be

    flawlessly performing the hokey-pokey during the Phone confusion process. ;)

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

ActvContent Sync Smartband

Smartbands of all sorts are hitting the market. Some build on the buzz around fitness trackers, while others offer simpler features fo ...

RocketStor 6324L Thunderbolt 2 eSATA bridge

Like it or not, the shift to Thunderbolt is underway. The connection is extremely flexible, allowing for video and data to co-habitate ...

Patriot Stellar Boost XT 64GB USB 3.0 drive

A vast selection of USB memory sticks means that consumers can often find exactly the size drive they need in a configuration that can ...

toggle

Most Commented